Summary: mozilla.dev.security - September 30, 2006 to October 6, 2006
Return to mozilla-dev-tech-xul
Announcements
None during this week.
Discussions
Protocol Handlers
Boris Zbarsky posed the question, Should random webpages have access to the following protocols: feed, pcast, moz-bookmark, webcal, swebcal. As well as any protocols that you have implemented and are NOT in the list of protocols nsScriptSecurityManager::CheckLoadURI
feed:
Consensus is that it should be allowed and treated as an ordinary link.
pcast:
Similar to feed: just differentiating between different types of feeds and should be allowed access.
moz-bookmark:
Protocol is defunct, apparently Ben Goodger disabled it back in 12/2003, shortly after he added it.
webcal: & swebcal:
Should also be allowed as the security manager doesn't differentiate between access types.
Other
This is for allowing protocol handlers to define a custom security model (see bug 120373). There is no consensus in the posts as to if this should be allowed.
Problem Looping C_OpenSession Problem In Thunderbird
Christian Bongiorno has run into a problem developing a PKCS11 module for a new card. Thunderbird is continuously repeating 7 functions including C_OpenSession which accesses the card that he is developing.
Meetings
None during this week.